Northern Mallee Primary Care Partnership
Encryption Project check-list

For any enquiries regarding the HeSA digital certificates and filling out application forms, please contact HeSA directly via their website at www.hesa.com.au or on 1300 660 035.

Project

Utilising encrypted messaging, via HeSA location keys, to send encrypted referrals via the connectingcare.com site.

Hardware:

Any personal computer capable of connecting to the Internet and running the latest version of Internet Explorer or Netscape. A rough guideline would be:

Software:

Digital Certificates

Health e-Signature Authority (HeSA) Location Keys are utilised for the encryption and authentication process.

For detailed information on Digital Certificates, Public Key Infrastructure, and HeSA's role, please visit http://www.hesa.com.au/apply.htm.

Participating organisations complete current application forms via the HeSA web site, http://www.hesa.com.au/apply.htm. Responsibilities are outlined in the Certificate Policy.

Storage of PKI by Designated Authorised Officer (DAO) - in a locked box placed in a locked drawer or safe.

Designated Authorised Officers should ensure that they are familiar with the current requirements of the responsibilities of managing health care location keys as outlined in the Certificate Policy.

Organisations participating accept that, in utilising location keys, referrals received are accepted on the understanding that verification is still required.

Software requirements - browser etc.

Please note that to access the referral form your browser needs to support 128 bit encryption. We recommend that you install Internet Explorer 5.5 (this is free of charge). This will upgrade your encryption level to 128 bit, unless you are using Windows 2000; if so, see the note below.

What Level of Encryption does my Browser Support?

Internet Explorer 5.5 or later

Internet Explorer 5.5 already supports 128 bit encryption, unless you are using Windows 2000 (see the note below). We would recommend upgrading to Internet Explorer 6 or greater.

Internet Explorer 4 & 5

Click on the Help menu, then About. This will display a window with a line that reads Cipher Strength: 128bit ... If yours doesn't show 128bit but shows either 40bit or 56bit, then you need to upgrade. The easiest way to do this is to install Internet Explorer 6. You can download a copy from the Microsoft web site.

Netscape 6

Netscape 6 supports 128 bit encryption by default. We would recommend that you use Netscape 6.2 or later if you want to use a Netscape browser.

Netscape Communicator / Navigator 4

If your version of Netscape does not support 128bit encryption then you will need to upgrade to the latest version by downloading it from the Netscape web site. Click on the Download link and follow the links to download the latest version.

Important Note for users of Windows 2000

Upgrading your browser to Internet Explorer 5.5 does not upgrade you to 128bit encryption. It is recommended that you install the latest service pack for Windows 2000 (currently SP2); this will upgrade your system to 128bit encryption.

Designated generic e-mail address for referrals - advised on application form for Key - this address must be activated before Keys can be loaded. The set up of e-mail addresses should be discussed by individual IT reps with their local project manager.

Loading Keys onto designated computers.

Full instructions on how to install digital certificates in Outlook and Outlook Express

Organisations' e-mail policies should be updated to include State & Federal Privacy Commissioner guidelines, highlight password importance and cover use of PKI.

Password Management for inclusion in e-mail policy:

The importance of choosing a password should be outlined in every organisation's e-mail policy.

Access to Key on computer - only by staff designated by DAO via password. Note: Referring via site does not require a key - only receipting.

Password protection is paramount.

To ensure the best practice use of PKI the participating organisation needs to ensure that keys are in no way compromised.

Nobody other than an individual assigned to use a key should know their password.

This could mean that if someone within, or a sub-contractor of, the participating organisation currently holds passwords and has physical access to the computer on which the key is located, this arrangement will need to be changed, with password management out-sourced.

Password Choice:

Passwords should be chosen that are difficult for others to guess.

Commonly used weak passwords may include the following:

A strong password is one that is long enough and unusual enough that an exhaustive search is not likely to reveal it. A strong password is easy for you to remember but difficult for someone else to guess. Use a password of at least eight characters.

The Office of the Federal Privacy Commissioner

Guidelines on Workplace E-mail, Web Browsing and Privacy (30/3/2000)

See also Victorian Privacy Commissioner - E-mail Disclaimers and Privacy Info Sheet

Staff Training

Staff using site to be trained in how it works - e-mail process will appear seamless - saving to file should align with agency policy - best practice and privacy legislation.

Help Pages:
Navigating the site
Using the Referral Form

Management of login page registrations.

Passwords and usernames, which allow referrers' details to be populated onto the referral form automatically, are managed at a local level by the site updater via the designated agency contact. They are not necessary to use the site; however, they save user time and assist in verification of the referral process.

Storage of Referrals

The standards are based primarily on those outlined by the Health Insurance Commission (www.hic.gov.au), and cover both referrals sent via this trial project and referrals received. Organisations should ensure they adhere to best business practice and any legislative requirements.

"Project Standards for Storage of Referrals (wholly electronic or scanned)"